New Zealand's cybersecurity agency is notifying more than 26,000 users who have been infected with the Lumma Stealer

NCSC NZ

NZ cyber agency alerts thousands to malware infection

The GCSB’s National Cyber Security Centre (NCSC) is emailing thousands of New Zealanders to notify them that their devices may be impacted by mal...

Germany's cybersecurity agency has conducted a security audit of ten password managers and found that three of them can access a user's stored passwords—Google Chrome, mSecure, and PassSecurium

Bundesamt für Sicherheit in der Informationstechnik

Untersuchung: BSI identifiziert Verbesserungsbedarf bei Passwortmanagern

Aufgrund der Sensibilität der in Passwortmanagern gespeicherten Daten bestehen hohe Anforderungen an deren IT-Sicherheit. Zur Prüfung der Umsetzu...

Cydome has spotted Broadside, a new variant of the Mirai IoT malware. The botnet is targeting TBK DVRs, commonly used by the maritime sector, including on some vessels.

Cydome

Cydome identifies new Botnet targeting maritime IoT

Cydome research identified "Broadside", A New Mirai Botnet Variant, Targeting Maritime IoT Devices with new capabilities

What in the hell is going on with Mastodon embedded content. Why are those widgets becoming tinier and tinier?

Europol arrests 193 in crackdown against Violence-as-a-Service platforms. Unclear if any of the arrests are TheCom members

Europol

Operational Taskforce GRIMM: 193 arrests in 6 months tackling violence-as-a-service networks | Europol

Europol’s Operational Taskforce (OTF) GRIMM has made significant progress in its first six months of operation, arresting 193 individuals and...

The International Criminal Court will investigate genocide and war crimes that have been enabled through cyberspace (hacks, leaks, social media posts) The ICC published its new policy and has put cyber on the same footing as crimes committed through other means https://www.icc-cpi.int/news/icc-office-prosecutor-launches-policy-cyber-enabled-crimes-under-rome-statute-address

Per Sysdig, North Korean hackers are now exploiting React2Shell to drop EtherRAT, a remote access trojan that uses Ethereum smart contracts as C2

EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks | Sysdig

Discover how the critical React2Shell vulnerability (CVE-2025-55182) is being actively exploited to deploy EtherRAT, a persistent access implant th...

Koi Security researchers have discovered a malicious VSCode theme (Bitcoin Black) and extension (Codo AI) that captures a user's screen and sends it to attackers, in the hopes of capturing passwords and crypto-wallet seed phrases

The VS Code Malware That Captures Your Screen

Malicious VS Code malware captures your screen activity, putting sensitive coding and personal information at serious risk for developers.